Ever used Tor? Then your computer might be riddled with malware

Authorities are advising all users of the Tor network to check their computers for malware after it emerged that a Russian hacker has been using the network to spread a powerful virus. The malware is spread by a compromised node in the Tor network.

Tor, which began as a secret project from the US Naval Research Laboratory, works by piling up layers of encryption over data, nested like the layers of an onion, which gave the network its original name, The Onion Router (TOR).

Tor encrypts data, including the destination IP address, multiple times and sends it through a virtual circuit made up of successive, randomly selected relays. Each relay decrypts a layer of encryption to reveal only the next relay in the circuit.

The final relay decrypts the innermost layer of encryption and sends the original data to its destination without revealing, or even knowing, the source IP address.

However it has emerged that one of these exit nodes had been modified to alter any program downloaded over the network. This allowed the attacker to put his own executable code in such programs, and potentially take control of victims' computers.

Due to the altered node, any Windows executable downloaded over the network was wrapped in malware, and worryingly even files downloaded over Windows Update were affected.